Abstract
In this paper, security requirements for software agents and smart devices are derived by working from typical requirements for existing systems, exploring the changes that are envisaged as systems become more highly distributed, then identifying what these imply for a device or service in a pervasive environment. A similar treatment is given to threats, which give rise to both security requirements and design issues. This approach provides insights into security requirements that will be significantly different from today’s distributed system policies: they demonstrate that pervasive computing requires a qualitative change in security policy and practice. The paper also explores trade-offs between security complexity and device functionality, and argues that the degree of policy management required in a device will be an important factor in this balance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Weiser, M.: The Computer for the 21st Century. Scientific American 265(3) (1991)
Foster, I., et al.: The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Implementation. Global Grid Forum (2002), http://www.gridforum.org/ogsi-wg/
Kreger, H.: Web Services Conceptual Architecture. IBM (2001), http://www-3.ibm.com/software/solutions/webservices/pdf/WSCA
US Department of Defence. Trusted Computer System Evaluation Criteria (Orange Book). DoD 5200.28-STD (1985)
Network Related Security Features. 3rd Generation Partnership Project, GSM 03:20 (2001)
Liberty Alliance. Liberty Architecture Overview (2002), http://www.projectliberty.org/
Foster, I., et al.: A Security Architecture for Computational Grids. In: Proc 5th ACMConference on Computer and Communications Security, pp. 83–92 (1998)
Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. In The European Union (1995)
Erdos, M., Cantor, S.: Shibboleth Architecture. Internet2 (2001), http://middleware.internet2.edu/shibboleth/
Thompson, M., et al.: Certificate-Based Access Control for Widely Distributed Resources. In: Proc 8th Usenix Security Symposium, Washington, D.C (1999)
Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a Role-Based Trust-Management Framework. In: 2002 IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society, Los Alamitos (2002)
Fischer-Hübner, S., Ott, A.: From a Formal Privacy Model to its Implementation. In: Proceedings of the 21st National Information Systems Security Conference (NISSC 1998), Arlington, VA (1998)
Jiang, X., Landay, J.A.: Modeling Privacy Control in Context-Aware Systems. IEEE Pervasive Computing 1(3), 59–63 (2002)
H.-W. Gellersen, A. Schmidt, M. Beigl. Multi-Sensor Context-Awareness inMobile Devices and Smart Artifacts. Journal of Mobile Networks and Applications (Special Issue on Mobility of Systems, Users, Data and Computing in Mobile Networks and Applications, MONET) (2002)
Pearlman, L., et al.: A Community Authorisation Service for Group Collaboration. In: Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)
Stajano, F., Anderson, R.: The Resurrecting Duckling: Security Issues in Ad-Hoc Wireless Networks. AT&T Laborotories (1999)
Nwana, H.S.: Software Agents: An Overview. Knowledge Engineering Review 11(3), 205–244 (1996)
Gunter, D., et al.: Dynamic Monitoring of High-Performance Distributed Applications. In: Proceedings of The 11th IEEE International Symposium on High Performance Distributed Computing (2002)
Farmer, W.M., Guttman, J.D., Swarup, V.: Security for Mobile Agents: Issues and Requirements. In: Proc. 19th NIST/NCSC National Information Systems Security Conference. pp. 591–597 (1996)
Karjoth, G., Posegga, J.: Mobile Agents and Telcos’ Nightmares. Annales des Telecommunications 55(7/8), 29–41 (2000)
Stepney, S.: Critical Critical Systems. In: Abdallah, A.E., Ryan, P.Y.A., Schneider, S. (eds.) FASec 2002. LNCS, vol. 2629, pp. 62–70. Springer, Heidelberg (2003)
Cybenko, G., Giani, A., Thompson, P.: Cognitive Hacking: A Battle for the Mind. IEEE Computer 35(8), 50–56 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chivers, H., Clark, J.A., Stepney, S. (2004). Smart Devices and Software Agents: The Basics of Good Behaviour. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds) Security in Pervasive Computing. Lecture Notes in Computer Science, vol 2802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39881-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-540-39881-3_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20887-7
Online ISBN: 978-3-540-39881-3
eBook Packages: Springer Book Archive